Compare commits
4 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
f35ed4489f | ||
|
a0b1fc2aa1 | ||
|
f12ed075c6 | ||
|
888339bc4c |
@ -3,9 +3,11 @@
|
|||||||
%global vendor_token_str %{expand:%%{nil}%%{?vendor_token_name:-t "%{vendor_token_name}"}}
|
%global vendor_token_str %{expand:%%{nil}%%{?vendor_token_name:-t "%{vendor_token_name}"}}
|
||||||
%global vendor_cert_str %{expand:%%{!?vendor_cert_nickname:-c "Red Hat Test Certificate"}%%{?vendor_cert_nickname:-c "%%{vendor_cert_nickname}"}}
|
%global vendor_cert_str %{expand:%%{!?vendor_cert_nickname:-c "Red Hat Test Certificate"}%%{?vendor_cert_nickname:-c "%%{vendor_cert_nickname}"}}
|
||||||
|
|
||||||
%global grub_version 2.06~rc1
|
%global grub_version 2.06-63
|
||||||
%global fwupd_version 1.5.8
|
%global fwupd_version 1.5.8
|
||||||
|
|
||||||
|
%define __pesign_client_cert grub2-signer
|
||||||
|
|
||||||
%global bootcsvaa64 %{expand:%{SOURCE10}}
|
%global bootcsvaa64 %{expand:%{SOURCE10}}
|
||||||
%global bootcsvarm %{expand:%{SOURCE13}}
|
%global bootcsvarm %{expand:%{SOURCE13}}
|
||||||
%global bootcsvia32 %{expand:%{SOURCE11}}
|
%global bootcsvia32 %{expand:%{SOURCE11}}
|
||||||
@ -16,10 +18,10 @@
|
|||||||
%global shimefiia32 %{expand:%{SOURCE21}}
|
%global shimefiia32 %{expand:%{SOURCE21}}
|
||||||
%global shimefix64 %{expand:%{SOURCE22}}
|
%global shimefix64 %{expand:%{SOURCE22}}
|
||||||
|
|
||||||
%global shimveraa64 15.6-2
|
%global shimveraa64 15.8-2
|
||||||
%global shimverarm 15.4-1.fc34
|
%global shimverarm 15.4-1.fc34
|
||||||
%global shimveria32 15.6-1
|
%global shimveria32 15.8-2
|
||||||
%global shimverx64 15.6-1
|
%global shimverx64 15.8-2
|
||||||
|
|
||||||
%global shimdiraa64 %{_datadir}/shim/%{shimveraa64}/aa64
|
%global shimdiraa64 %{_datadir}/shim/%{shimveraa64}/aa64
|
||||||
%global shimdirarm %{_datadir}/shim/%{shimverarm}/arm
|
%global shimdirarm %{_datadir}/shim/%{shimverarm}/arm
|
||||||
@ -75,8 +77,8 @@ version signed by the UEFI signing service. \
|
|||||||
# -i <input>
|
# -i <input>
|
||||||
%define hash(a:i:d:) \
|
%define hash(a:i:d:) \
|
||||||
pesign -i %{-i*} -h -P > shim.hash \
|
pesign -i %{-i*} -h -P > shim.hash \
|
||||||
read file0 hash0 < shim.hash \
|
read hash0 file0 < shim.hash \
|
||||||
read file1 hash1 < %{-d*}/shim%{-a*}.hash \
|
read hash1 file1 < %{-d*}/shim%{-a*}.hash \
|
||||||
if ! [ "$hash0" = "$hash1" ]; then \
|
if ! [ "$hash0" = "$hash1" ]; then \
|
||||||
echo Invalid signature\! > /dev/stderr \
|
echo Invalid signature\! > /dev/stderr \
|
||||||
echo $hash0 vs $hash1 \
|
echo $hash0 vs $hash1 \
|
||||||
|
21
shim.spec
21
shim.spec
@ -4,8 +4,8 @@
|
|||||||
%global dist %{expand:%%{_dist}}
|
%global dist %{expand:%%{_dist}}
|
||||||
|
|
||||||
Name: shim
|
Name: shim
|
||||||
Version: 15.6
|
Version: 15.8
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
Summary: First-stage UEFI bootloader
|
Summary: First-stage UEFI bootloader
|
||||||
License: BSD-3-Clause
|
License: BSD-3-Clause
|
||||||
URL: https://github.com/rhboot/shim/
|
URL: https://github.com/rhboot/shim/
|
||||||
@ -107,6 +107,23 @@ install -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/dnf/protected.d/
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Mar 19 2024 Peter Jones <pjones@redhat.com> - 15.8-3
|
||||||
|
- Fix fbx64/mmx64 signing.
|
||||||
|
Related: rhbz#2189197
|
||||||
|
|
||||||
|
* Tue Mar 12 2024 Peter Jones <pjones@redhat.com> - 15.8-2
|
||||||
|
- Update to shim-15.8
|
||||||
|
Resolves: CVE-2023-40546
|
||||||
|
Resolves: CVE-2023-40547
|
||||||
|
Resolves: CVE-2023-40548
|
||||||
|
Resolves: CVE-2023-40549
|
||||||
|
Resolves: CVE-2023-40550
|
||||||
|
Resolves: CVE-2023-40551
|
||||||
|
Resolves: rhbz#2113005
|
||||||
|
Resolves: rhbz#2189197
|
||||||
|
Resolves: rhbz#2238884
|
||||||
|
Resolves: rhbz#2259264
|
||||||
|
|
||||||
* Thu Jul 07 2022 Robbie Harwood <rharwood@redhat.com> - 15.6-2
|
* Thu Jul 07 2022 Robbie Harwood <rharwood@redhat.com> - 15.6-2
|
||||||
- Update aarch64 (only) with relocation fixes
|
- Update aarch64 (only) with relocation fixes
|
||||||
- Resolves: #2101248
|
- Resolves: #2101248
|
||||||
|
6
sources
6
sources
@ -1,3 +1,3 @@
|
|||||||
SHA512 (shimx64.efi) = 06488f3f5daf09b3e37e160721e9bf4c68a3ea17dcd19fad7dd1d7edbcf4c218a5b6264e7780bef46e400213459c1a8c9a0c4c1c48f7fe5d7b55b868dbdc3823
|
SHA512 (shimaa64.efi) = 8891ba415802b97828b7939b81c0235610f3648fd257df8e4b754e1fa4899da9e202fd1be95bbcb095816525b601a6ecfa3ec94be08de5f5fa1911cffc683d13
|
||||||
SHA512 (shimia32.efi) = 8241bed8c3e2789741da15e265efb6a1d35d02c4ffbfd21428910c9e366575137a3d9d0c73aa10e62d59d81a98496668a05c5ac7f18a677ccb54e884db48f507
|
SHA512 (shimia32.efi) = 6d4396f289400516b883733f0fd3621e7ec4d70afd02e988651f37db81298775da69c04b998d87a4760b2fa4b96130c70eb0875fad1cf290c52ea606ae40d12e
|
||||||
SHA512 (shimaa64.efi) = b2b77ebbdeda9f9110dd9a6ef4ad15ae57b53ce01ef5c912163159226dc39d5ed35e0dbcfa46dc8ab9f714b63aaea52cd42746aa54155313b43dd27dd57a62f5
|
SHA512 (shimx64.efi) = cc23d8c3cb2dcf749075268b77eb796fb430182cbbc04171ded14d43e32b4a5cdeeb1a08666ee0e288bd37d63f657a9af5e7f2012dd70694d11212d705c60b42
|
||||||
|
Loading…
Reference in New Issue
Block a user